package com.gj.tourismcommunity.utils;

import java.util.Base64;
import java.security.SecureRandom;

public class GenerateJwtSecret {
    
    /**
     * 生成符合 HS512 要求的 JWT Secret (至少64字节)
     */
    public static String generateHS512Secret() {
        SecureRandom random = new SecureRandom();
        byte[] bytes = new byte[64]; // 64字节 = 512位，符合HS512要求
        random.nextBytes(bytes);
        return Base64.getEncoder().encodeToString(bytes);
    }
    
    /**
     * 生成自定义长度的 JWT Secret（不推荐用于HS512）
     */
    public static String generateSecret(int length) {
        if (length < 64) {
            System.out.println("警告: HS512算法要求至少64字节密钥长度！");
        }
        
        SecureRandom random = new SecureRandom();
        byte[] bytes = new byte[length];
        random.nextBytes(bytes);
        return Base64.getEncoder().encodeToString(bytes);
    }
    
    public static void main(String[] args) {
        System.out.println("=".repeat(60));
        System.out.println("生成符合 HS512 要求的 JWT Secret");
        System.out.println("=".repeat(60));
        
        // 生成符合HS512要求的Secret
        String hs512Secret = generateHS512Secret();
        
        System.out.println("HS512专用 Secret (64字节/512位):");
        System.out.println("=".repeat(60));
        System.out.println(hs512Secret);
        System.out.println("=".repeat(60));
        
        // 验证长度
        byte[] decoded = Base64.getDecoder().decode(hs512Secret);
        System.out.println("密钥实际长度: " + decoded.length + " 字节 (" + (decoded.length * 8) + " 位)");
        
        System.out.println("\napplication.yml 配置:");
        System.out.println("jwt:");
        System.out.println("  secret: \"" + hs512Secret + "\"");
        System.out.println("  expiration: 86400000");
        System.out.println("=".repeat(60));
    }
}